Preview Image

Web shell upload via Content-Type restriction bypass

Laboratorio de Portswigger sobre File Upload

Nov 24, 2024 Portswigger, File Upload

Preview Image

Remote code execution via web shell upload

Laboratorio de Portswigger sobre File Upload

Nov 24, 2024 Portswigger, File Upload

Preview Image

Server-side template injection with information disclosure via user-supplied objects

Laboratorio de Portswigger sobre SSTI

Nov 23, 2024 Portswigger, SSTI

Preview Image

Server-side template injection in an unknown language with a documented exploit

Laboratorio de Portswigger sobre SSTI

Nov 23, 2024 Portswigger, SSTI

Preview Image

Server-side template injection using documentation

Laboratorio de Portswigger sobre SSTI

Nov 23, 2024 Portswigger, SSTI

Preview Image

Basic server-side template injection (code context)

Laboratorio de Portswigger sobre SSTI

Nov 22, 2024 Portswigger, SSTI

Preview Image

Basic server-side template injection

Laboratorio de Portswigger sobre SSTI

Nov 22, 2024 Portswigger, SSTI

Preview Image

Blind SQL injection with conditional responses

Laboratorio de Portswigger sobre SQLI

Nov 16, 2024 Portswigger, SQLI

Preview Image

SQL injection UNION attack, retrieving multiple values in a single column

Laboratorio de Portswigger sobre SQLI

Nov 15, 2024 Portswigger, SQLI

Preview Image

SQL injection UNION attack, retrieving data from other tables

Laboratorio de Portswigger sobre SQLI

Nov 15, 2024 Portswigger, SQLI